Discussion of krb5_get_init_creds_password() behavior was Re:problem with the kinit_prompter in kfw 2.5
Sam Hartman
hartmans at MIT.EDU
Thu Feb 19 18:24:29 EST 2004
>>>>> "John" == John Hascall <john at iastate.edu> writes:
>> So, I'm confused. I agree there is a problem if you enter in a
>> null password and in that case you will get double prompted.
>> In all other cases I fail to see the problem. Note that you
>> have to explicitly declare your list of master KDCs. By
>> default in 1.3.x, no KDCs are masters and no second attempt is
>> made.
John> And that was the problem Beata Pruski mentioned. If no
John> master kdcs are defined, and a user has an expired password,
John> then
John> the 1st call returns KRB5_EXPIRED_PASSWORD (or whatever
John> it is), then
John> the 2nd call fails with that oddly named REALM error, and
John> *that* gets returned
And Alexis mentioned this has already been fixed.
More information about the krbdev
mailing list